summaryrefslogtreecommitdiff
path: root/lib/plugins/authplain/lang/de-informal
diff options
context:
space:
mode:
authorAndreas Gohr <andi@splitbrain.org>2015-03-18 22:16:34 +0100
committerbxn <bxn@gitorious>2015-03-19 20:27:37 +0100
commitee62f3f7f1d59e4e3c7a643a67ecd52583ce9512 (patch)
tree9216b164a56bcaa2eff9f216784c2f21d94ea10a /lib/plugins/authplain/lang/de-informal
parent4f50e20a5170571b6dd6b5a49bb5ca84cf2f0a42 (diff)
downloadrpg-ee62f3f7f1d59e4e3c7a643a67ecd52583ce9512.tar.gz
rpg-ee62f3f7f1d59e4e3c7a643a67ecd52583ce9512.tar.bz2
SECURITY escape user properties in user manager #1081
The user properties (login, real name, etc) where not properly escaped in the user manager's edit form. This allowed a XSS attack on the superuser by registered users. Thanks to Filippo Cavallarin from www.segment.technology for discovering this bug.
Diffstat (limited to 'lib/plugins/authplain/lang/de-informal')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-10 08:33:00 +0000